Available Attacks ================= AIM Server Response Jamming --------------------------- ``aim_server_response_jamming`` drops the ``AIMServerResponse`` batch emitted by the RSU ``aim_server`` service. This simulates downlink channel jamming or complete delivery loss for AIM responses. The attack starts when an AIM-enabled RSU begins tracking vehicles and stops when the RSU no longer tracks any vehicles. AIM Server Response Replay -------------------------- ``aim_server_response_replay`` replays the previous batch of ``AIMServerResponse`` messages produced by the RSU ``aim_server`` service. This makes connected vehicles consume stale trajectory outputs instead of the latest predictions. The attack starts when an AIM-enabled RSU begins tracking vehicles and stops when the RSU no longer tracks any vehicles. The first intercepted response batch is stored as-is, and the replay effect begins from the next batch. AIM Client Request Speed Spoofing --------------------------------- ``aim_client_request_speed_spoofing`` rewrites outgoing ``AIMServerRequest`` messages produced by each targeted ``aim_client``. The configured spoofer biases the reported speed and yaw before the request is sent to the RSU. The attack starts when an AIM-enabled RSU begins tracking vehicles and stops when the RSU no longer tracks any vehicles. AIM Client Response Sniffer --------------------------- ``aim_client_response_sniffer`` passively observes ``AIMServerResponse`` messages consumed by targeted ``aim_client`` services. The sniffer stage does not rewrite traffic; it only installs observers on the matched response capability handlers. The attack starts when an AIM-enabled RSU begins tracking vehicles and stops when the RSU no longer tracks any vehicles. AIM Client Request Position Spoofing ------------------------------------ ``aim_client_request_position_spoofing`` rewrites the outgoing ``AIMServerRequest.position`` reported by one tracked ``aim_client``. The configured attack starts only after at least two vehicles are inside the AIM zone, then selects one tracked client and biases its reported longitudinal position before the request is sent to the RSU. The attack stops once the RSU no longer tracks any vehicles. AIM Client Identity Spoofing ---------------------------- ``aim_client_identity_spoofing`` forces one tracked ``aim_client`` to emit outgoing ``AIMServerRequest`` messages under a synthetic identity. The configured attack starts only after at least two vehicles are inside the AIM zone. Both the transport envelope ``src_owner_id`` and ``payload.vehicle_id`` are rewritten to ``cav-spoofed``. The attack stops once the RSU no longer tracks any vehicles. AIM Client Reservation Stealing ------------------------------- ``aim_client_reservation_stealing`` targets one tracked ``aim_client`` and combines request position spoofing with speed inflation. The configured attack starts only after at least two vehicles are inside the AIM zone. The result is an outgoing ``AIMServerRequest`` that makes the attacker appear closer to the conflict zone and moving faster than it really is. The attack stops once the RSU no longer tracks any vehicles. AIM Server Request Replay ------------------------- ``aim_server_request_replay`` replays the previous batch of ``AIMServerRequest`` messages observed by the RSU ``aim_server`` service. This makes the AIM model consume stale client state instead of the latest uplink batch. The attack starts when an AIM-enabled RSU begins tracking vehicles and stops when the RSU no longer tracks any vehicles. The first intercepted request batch is stored as-is, and the replay effect begins from the next batch. AIM Server Request DDoS ----------------------- ``aim_server_request_ddos`` probabilistically drops incoming ``AIMServerRequest`` messages observed by the RSU ``aim_server`` service. The builtin config uses a ``drop_rate`` of ``0.3`` to simulate partial uplink loss or overload on the request path. The attack starts when an AIM-enabled RSU begins tracking vehicles and stops when the RSU no longer tracks any vehicles.